1<?php 2 3use dokuwiki\PassHash; 4/*><div style="width:60%; margin: auto; background-color: #fcc; 5 border: 1px solid #faa; padding: 0.5em 1em;"> 6 <h1 style="font-size: 120%">No PHP Support</h1> 7 8 It seems this server has no PHP support enabled. You will need to 9 enable PHP before you can install and run DokuWiki. Contact your hosting 10 provider if you're unsure what this means. 11 12</div>*/ 13/** 14 * Dokuwiki installation assistance 15 * 16 * @author Chris Smith <chris@jalakai.co.uk> 17 */ 18 19if (!defined('DOKU_INC')) define('DOKU_INC', __DIR__ . '/'); 20if (!defined('DOKU_CONF')) define('DOKU_CONF', DOKU_INC . 'conf/'); 21if (!defined('DOKU_LOCAL')) define('DOKU_LOCAL', DOKU_INC . 'conf/'); 22 23// load and initialize the core system 24require_once(DOKU_INC . 'inc/init.php'); 25require_once(DOKU_INC . 'inc/pageutils.php'); 26 27// check for error reporting override or set error reporting to sane values 28if (!defined('DOKU_E_LEVEL')) { 29 error_reporting(E_ALL ^ E_NOTICE); 30} else { 31 error_reporting(DOKU_E_LEVEL); 32} 33 34// language strings 35require_once(DOKU_INC . 'inc/lang/en/lang.php'); 36if (isset($_REQUEST['l']) && !is_array($_REQUEST['l'])) { 37 $LC = preg_replace('/[^a-z\-]+/', '', $_REQUEST['l']); 38} 39if (empty($LC)) $LC = 'en'; 40if ($LC && $LC != 'en') { 41 require_once(DOKU_INC . 'inc/lang/' . $LC . '/lang.php'); 42} 43 44// initialise variables ... 45$error = []; 46 47// begin output 48header('Content-Type: text/html; charset=utf-8'); 49?> 50<!DOCTYPE html> 51<html lang="<?php echo $LC?>" dir="<?php echo $lang['direction']?>"> 52<head> 53 <meta charset="utf-8" /> 54 <title><?php echo $lang['i_installer']?></title> 55 <style> 56 body { width: 90%; margin: 0 auto; font: 84% Verdana, Helvetica, Arial, sans-serif; } 57 img { border: none } 58 br.cl { clear:both; } 59 code { font-size: 110%; color: #800000; } 60 fieldset { border: none } 61 label { display: block; margin-top: 0.5em; } 62 select.text, input.text { width: 30em; margin: 0 0.5em; } 63 a {text-decoration: none} 64 </style> 65 <script> 66 function acltoggle(){ 67 var cb = document.getElementById('acl'); 68 var fs = document.getElementById('acldep'); 69 if(!cb || !fs) return; 70 if(cb.checked){ 71 fs.style.display = ''; 72 }else{ 73 fs.style.display = 'none'; 74 } 75 } 76 window.onload = function(){ 77 acltoggle(); 78 var cb = document.getElementById('acl'); 79 if(cb) cb.onchange = acltoggle; 80 }; 81 </script> 82</head> 83<body style=""> 84 <h1 style="float:left"> 85 <img src="lib/exe/fetch.php?media=wiki:dokuwiki-128.png" 86 style="vertical-align: middle;" alt="" height="64" width="64" /> 87 <?php echo $lang['i_installer']?> 88 </h1> 89 <div style="float:right; margin: 1em;"> 90 <?php langsel()?> 91 </div> 92 <br class="cl" /> 93 94 <div style="float: right; width: 34%;"> 95 <?php 96 if (file_exists(DOKU_INC . 'inc/lang/' . $LC . '/install.html')) { 97 include(DOKU_INC . 'inc/lang/' . $LC . '/install.html'); 98 } else { 99 print "<div lang=\"en\" dir=\"ltr\">\n"; 100 include(DOKU_INC . 'inc/lang/en/install.html'); 101 print "</div>\n"; 102 } 103 ?> 104 <a style=" 105 background: transparent 106 url(data/dont-panic-if-you-see-this-in-your-logs-it-means-your-directory-permissions-are-correct.png) 107 left top no-repeat; 108 display: block; width:380px; height:73px; border:none; clear:both;" 109 target="_blank" 110 href="http://www.dokuwiki.org/security#web_access_security"></a> 111 </div> 112 113 <div style="float: left; width: 58%;"> 114 <?php 115 try { 116 if (! (check_functions() && check_permissions())) { 117 echo '<p>' . $lang['i_problems'] . '</p>'; 118 print_errors(); 119 print_retry(); 120 } elseif (!check_configs()) { 121 echo '<p>' . $lang['i_modified'] . '</p>'; 122 print_errors(); 123 } elseif (check_data($_REQUEST['d'])) { 124 // check_data has sanitized all input parameters 125 if (!store_data($_REQUEST['d'])) { 126 echo '<p>' . $lang['i_failure'] . '</p>'; 127 print_errors(); 128 } else { 129 echo '<p>' . $lang['i_success'] . '</p>'; 130 } 131 } else { 132 print_errors(); 133 print_form($_REQUEST['d']); 134 } 135 } catch (Exception $e) { 136 echo 'Caught exception: ', $e->getMessage(), "\n"; 137 } 138 ?> 139 </div> 140 141 142<div style="clear: both"> 143 <a href="http://dokuwiki.org/"><img src="lib/tpl/dokuwiki/images/button-dw.png" alt="driven by DokuWiki" /></a> 144 <a href="http://php.net"><img src="lib/tpl/dokuwiki/images/button-php.gif" alt="powered by PHP" /></a> 145</div> 146</body> 147</html> 148<?php 149 150/** 151 * Print the input form 152 * 153 * @param array $d submitted entry 'd' of request data 154 */ 155function print_form($d) 156{ 157 global $lang; 158 global $LC; 159 160 include(DOKU_CONF . 'license.php'); 161 162 if (!is_array($d)) $d = []; 163 $d = array_map('hsc', $d); 164 165 if (!isset($d['acl'])) $d['acl'] = 1; 166 if (!isset($d['pop'])) $d['pop'] = 1; 167 168 ?> 169 <form action="" method="post"> 170 <input type="hidden" name="l" value="<?php echo $LC ?>" /> 171 <fieldset> 172 <label for="title"><?php echo $lang['i_wikiname']?> 173 <input type="text" name="d[title]" id="title" value="<?php echo $d['title'] ?>" style="width: 20em;" /> 174 </label> 175 176 <fieldset style="margin-top: 1em;"> 177 <label for="acl"> 178 <input type="checkbox" name="d[acl]" id="acl" <?php echo(($d['acl'] ? ' checked="checked"' : ''));?> /> 179 <?php echo $lang['i_enableacl']?></label> 180 181 <fieldset id="acldep"> 182 <label for="superuser"><?php echo $lang['i_superuser']?></label> 183 <input class="text" type="text" name="d[superuser]" id="superuser" 184 value="<?php echo $d['superuser'] ?>" /> 185 186 <label for="fullname"><?php echo $lang['fullname']?></label> 187 <input class="text" type="text" name="d[fullname]" id="fullname" 188 value="<?php echo $d['fullname'] ?>" /> 189 190 <label for="email"><?php echo $lang['email']?></label> 191 <input class="text" type="text" name="d[email]" id="email" value="<?php echo $d['email'] ?>" /> 192 193 <label for="password"><?php echo $lang['pass']?></label> 194 <input class="text" type="password" name="d[password]" id="password" /> 195 196 <label for="confirm"><?php echo $lang['passchk']?></label> 197 <input class="text" type="password" name="d[confirm]" id="confirm" /> 198 199 <label for="policy"><?php echo $lang['i_policy']?></label> 200 <select class="text" name="d[policy]" id="policy"> 201 <option value="0" <?php echo ($d['policy'] == 0) ? 'selected="selected"' : '' ?>><?php 202 echo $lang['i_pol0']?></option> 203 <option value="1" <?php echo ($d['policy'] == 1) ? 'selected="selected"' : '' ?>><?php 204 echo $lang['i_pol1']?></option> 205 <option value="2" <?php echo ($d['policy'] == 2) ? 'selected="selected"' : '' ?>><?php 206 echo $lang['i_pol2']?></option> 207 </select> 208 209 <label for="allowreg"> 210 <input type="checkbox" name="d[allowreg]" id="allowreg" <?php 211 echo(($d['allowreg'] ? ' checked="checked"' : ''));?> /> 212 <?php echo $lang['i_allowreg']?> 213 </label> 214 </fieldset> 215 </fieldset> 216 217 <fieldset> 218 <p><?php echo $lang['i_license']?></p> 219 <?php 220 $license[] = ['name' => $lang['i_license_none'], 'url' => '']; 221 if (empty($d['license'])) $d['license'] = 'cc-by-sa'; 222 foreach ($license as $key => $lic) { 223 echo '<label for="lic_' . $key . '">'; 224 echo '<input type="radio" name="d[license]" value="' . hsc($key) . '" id="lic_' . $key . '"' . 225 (($d['license'] === $key) ? ' checked="checked"' : '') . '>'; 226 echo hsc($lic['name']); 227 if ($lic['url']) echo ' <a href="' . $lic['url'] . '" target="_blank"><sup>[?]</sup></a>'; 228 echo '</label>'; 229 } 230 ?> 231 </fieldset> 232 233 <fieldset> 234 <p><?php echo $lang['i_pop_field']?></p> 235 <label for="pop"> 236 <input type="checkbox" name="d[pop]" id="pop" <?php 237 echo(($d['pop'] ? ' checked="checked"' : ''));?> /> 238 <?php echo $lang['i_pop_label']?> 239 <a href="http://www.dokuwiki.org/popularity" target="_blank"><sup>[?]</sup></a> 240 </label> 241 </fieldset> 242 243 </fieldset> 244 <fieldset id="process"> 245 <button type="submit" name="submit"><?php echo $lang['btn_save']?></button> 246 </fieldset> 247 </form> 248 <?php 249} 250 251function print_retry() 252{ 253 global $lang; 254 global $LC; 255 ?> 256 <form action="" method="get"> 257 <fieldset> 258 <input type="hidden" name="l" value="<?php echo $LC ?>" /> 259 <button type="submit"><?php echo $lang['i_retry'];?></button> 260 </fieldset> 261 </form> 262 <?php 263} 264 265/** 266 * Check validity of data 267 * 268 * @author Andreas Gohr 269 * 270 * @param array $d 271 * @return bool ok? 272 */ 273function check_data(&$d) 274{ 275 static $form_default = [ 276 'title' => '', 277 'acl' => '1', 278 'superuser' => '', 279 'fullname' => '', 280 'email' => '', 281 'password' => '', 282 'confirm' => '', 283 'policy' => '0', 284 'allowreg' => '0', 285 'license' => 'cc-by-sa' 286 ]; 287 global $lang; 288 global $error; 289 290 if (!is_array($d)) $d = []; 291 foreach ($d as $k => $v) { 292 if (is_array($v)) 293 unset($d[$k]); 294 else $d[$k] = (string)$v; 295 } 296 297 //autolowercase the username 298 $d['superuser'] = isset($d['superuser']) ? strtolower($d['superuser']) : ""; 299 300 $ok = false; 301 302 if (isset($_REQUEST['submit'])) { 303 $ok = true; 304 305 // check input 306 if (empty($d['title'])) { 307 $error[] = sprintf($lang['i_badval'], $lang['i_wikiname']); 308 $ok = false; 309 } 310 if (isset($d['acl'])) { 311 if (empty($d['superuser']) || ($d['superuser'] !== cleanID($d['superuser']))) { 312 $error[] = sprintf($lang['i_badval'], $lang['i_superuser']); 313 $ok = false; 314 } 315 if (empty($d['password'])) { 316 $error[] = sprintf($lang['i_badval'], $lang['pass']); 317 $ok = false; 318 } elseif (!isset($d['confirm']) || $d['confirm'] != $d['password']) { 319 $error[] = sprintf($lang['i_badval'], $lang['passchk']); 320 $ok = false; 321 } 322 if (empty($d['fullname']) || strstr($d['fullname'], ':')) { 323 $error[] = sprintf($lang['i_badval'], $lang['fullname']); 324 $ok = false; 325 } 326 if (empty($d['email']) || strstr($d['email'], ':') || !strstr($d['email'], '@')) { 327 $error[] = sprintf($lang['i_badval'], $lang['email']); 328 $ok = false; 329 } 330 } else { 331 // Since default = 1, browser won't send acl=0 when user untick acl 332 $d['acl'] = '0'; 333 } 334 } 335 $d = array_merge($form_default, $d); 336 return $ok; 337} 338 339/** 340 * Writes the data to the config files 341 * 342 * @author Chris Smith <chris@jalakai.co.uk> 343 * 344 * @param array $d 345 * @return bool 346 */ 347function store_data($d) 348{ 349 global $LC; 350 $ok = true; 351 $d['policy'] = (int) $d['policy']; 352 353 // create local.php 354 $now = gmdate('r'); 355 $output = <<<EOT 356<?php 357/** 358 * Dokuwiki's Main Configuration File - Local Settings 359 * Auto-generated by install script 360 * Date: $now 361 */ 362 363EOT; 364 // add any config options set by a previous installer 365 $preset = __DIR__ . '/install.conf'; 366 if (file_exists($preset)) { 367 $output .= "# preset config options\n"; 368 $output .= file_get_contents($preset); 369 $output .= "\n\n"; 370 $output .= "# options selected in installer\n"; 371 @unlink($preset); 372 } 373 374 $output .= '$conf[\'title\'] = \'' . addslashes($d['title']) . "';\n"; 375 $output .= '$conf[\'lang\'] = \'' . addslashes($LC) . "';\n"; 376 $output .= '$conf[\'license\'] = \'' . addslashes($d['license']) . "';\n"; 377 if ($d['acl']) { 378 $output .= '$conf[\'useacl\'] = 1' . ";\n"; 379 $output .= "\$conf['superuser'] = '@admin';\n"; 380 } 381 if (!$d['allowreg']) { 382 $output .= '$conf[\'disableactions\'] = \'register\'' . ";\n"; 383 } 384 $ok = $ok && fileWrite(DOKU_LOCAL . 'local.php', $output); 385 386 if ($d['acl']) { 387 // hash the password 388 $phash = new PassHash(); 389 $pass = $phash->hash_bcrypt($d['password']); 390 391 // create users.auth.php 392 $output = <<<EOT 393# users.auth.php 394# <?php exit()?> 395# Don't modify the lines above 396# 397# Userfile 398# 399# Auto-generated by install script 400# Date: $now 401# 402# Format: 403# login:passwordhash:Real Name:email:groups,comma,separated 404 405EOT; 406 // --- user:bcryptpasswordhash:Real Name:email:groups,comma,seperated 407 $output = $output . "\n" . implode(':', [ 408 $d['superuser'], 409 $pass, 410 $d['fullname'], 411 $d['email'], 412 'admin,user', 413 ]) . "\n"; 414 $ok = $ok && fileWrite(DOKU_LOCAL . 'users.auth.php', $output); 415 416 // create acl.auth.php 417 $output = <<<EOT 418# acl.auth.php 419# <?php exit()?> 420# Don't modify the lines above 421# 422# Access Control Lists 423# 424# Auto-generated by install script 425# Date: $now 426 427EOT; 428 if ($d['policy'] == 2) { 429 $output .= "* @ALL 0\n"; 430 $output .= "* @user 8\n"; 431 } elseif ($d['policy'] == 1) { 432 $output .= "* @ALL 1\n"; 433 $output .= "* @user 8\n"; 434 } else { 435 $output .= "* @ALL 8\n"; 436 } 437 $ok = $ok && fileWrite(DOKU_LOCAL . 'acl.auth.php', $output); 438 } 439 440 // enable popularity submission 441 if (isset($d['pop']) && $d['pop']) { 442 @touch(DOKU_INC . 'data/cache/autosubmit.txt'); 443 } 444 445 // disable auth plugins til needed 446 $output = <<<EOT 447<?php 448/* 449 * Local plugin enable/disable settings 450 * 451 * Auto-generated by install script 452 * Date: $now 453 */ 454 455\$plugins['authad'] = 0; 456\$plugins['authldap'] = 0; 457\$plugins['authmysql'] = 0; 458\$plugins['authpgsql'] = 0; 459 460EOT; 461 $ok = $ok && fileWrite(DOKU_LOCAL . 'plugins.local.php', $output); 462 463 return $ok; 464} 465 466/** 467 * Write the given content to a file 468 * 469 * @author Chris Smith <chris@jalakai.co.uk> 470 * 471 * @param string $filename 472 * @param string $data 473 * @return bool 474 */ 475function fileWrite($filename, $data) 476{ 477 global $error; 478 global $lang; 479 480 if (($fp = @fopen($filename, 'wb')) === false) { 481 $filename = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}/', $filename); 482 $error[] = sprintf($lang['i_writeerr'], $filename); 483 return false; 484 } 485 486 if (!empty($data)) { 487 fwrite($fp, $data); 488 } 489 fclose($fp); 490 return true; 491} 492 493 494/** 495 * check installation dependent local config files and tests for a known 496 * unmodified main config file 497 * 498 * @author Chris Smith <chris@jalakai.co.uk> 499 * 500 * @return bool 501 */ 502function check_configs() 503{ 504 global $error; 505 global $lang; 506 507 $ok = true; 508 509 $config_files = [ 510 'local' => DOKU_LOCAL . 'local.php', 511 'users' => DOKU_LOCAL . 'users.auth.php', 512 'auth' => DOKU_LOCAL . 'acl.auth.php' 513 ]; 514 515 // configs shouldn't exist 516 foreach ($config_files as $file) { 517 if (file_exists($file) && filesize($file)) { 518 $file = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}/', $file); 519 $error[] = sprintf($lang['i_confexists'], $file); 520 $ok = false; 521 } 522 } 523 return $ok; 524} 525 526 527/** 528 * Check other installation dir/file permission requirements 529 * 530 * @author Chris Smith <chris@jalakai.co.uk> 531 * 532 * @return bool 533 */ 534function check_permissions() 535{ 536 global $error; 537 global $lang; 538 539 $dirs = [ 540 'conf' => DOKU_LOCAL, 541 'data' => DOKU_INC . 'data', 542 'pages' => DOKU_INC . 'data/pages', 543 'attic' => DOKU_INC . 'data/attic', 544 'media' => DOKU_INC . 'data/media', 545 'media_attic' => DOKU_INC . 'data/media_attic', 546 'media_meta' => DOKU_INC . 'data/media_meta', 547 'meta' => DOKU_INC . 'data/meta', 548 'cache' => DOKU_INC . 'data/cache', 549 'locks' => DOKU_INC . 'data/locks', 550 'index' => DOKU_INC . 'data/index', 551 'tmp' => DOKU_INC . 'data/tmp' 552 ]; 553 554 $ok = true; 555 foreach ($dirs as $dir) { 556 if (!file_exists("$dir/.") || !is_writable($dir)) { 557 $dir = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}', $dir); 558 $error[] = sprintf($lang['i_permfail'], $dir); 559 $ok = false; 560 } 561 } 562 return $ok; 563} 564 565/** 566 * Check the availability of functions used in DokuWiki and the PHP version 567 * 568 * @author Andreas Gohr <andi@splitbrain.org> 569 * 570 * @return bool 571 */ 572function check_functions() 573{ 574 global $error; 575 global $lang; 576 $ok = true; 577 578 if (version_compare(phpversion(), '7.4.0', '<')) { 579 $error[] = sprintf($lang['i_phpver'], phpversion(), '7.4.0'); 580 $ok = false; 581 } 582 583 if (ini_get('mbstring.func_overload') != 0) { 584 $error[] = $lang['i_mbfuncoverload']; 585 $ok = false; 586 } 587 588 try { 589 random_bytes(1); 590 } catch (\Exception $th) { 591 // If an appropriate source of randomness cannot be found, an Exception will be thrown by PHP 7+ 592 $error[] = $lang['i_urandom']; 593 $ok = false; 594 } 595 596 if (ini_get('mbstring.func_overload') != 0) { 597 $error[] = $lang['i_mbfuncoverload']; 598 $ok = false; 599 } 600 601 $funcs = explode(' ', 'addslashes call_user_func chmod copy fgets ' . 602 'file file_exists fseek flush filesize ftell fopen ' . 603 'glob header ignore_user_abort ini_get mkdir ' . 604 'ob_start opendir parse_ini_file readfile realpath ' . 605 'rename rmdir serialize session_start unlink usleep ' . 606 'preg_replace file_get_contents htmlspecialchars_decode ' . 607 'spl_autoload_register stream_select fsockopen pack xml_parser_create'); 608 609 if (!function_exists('mb_substr')) { 610 $funcs[] = 'utf8_encode'; 611 $funcs[] = 'utf8_decode'; 612 } 613 614 if (!function_exists('mail')) { 615 if (strpos(ini_get('disable_functions'), 'mail') !== false) { 616 $disabled = $lang['i_disabled']; 617 } else { 618 $disabled = ""; 619 } 620 $error[] = sprintf($lang['i_funcnmail'], $disabled); 621 } 622 623 foreach ($funcs as $func) { 624 if (!function_exists($func)) { 625 $error[] = sprintf($lang['i_funcna'], $func); 626 $ok = false; 627 } 628 } 629 return $ok; 630} 631 632/** 633 * Print language selection 634 * 635 * @author Andreas Gohr <andi@splitbrain.org> 636 */ 637function langsel() 638{ 639 global $lang; 640 global $LC; 641 642 $dir = DOKU_INC . 'inc/lang'; 643 $dh = opendir($dir); 644 if (!$dh) return; 645 646 $langs = []; 647 while (($file = readdir($dh)) !== false) { 648 if (preg_match('/^[\._]/', $file)) continue; 649 if (is_dir($dir . '/' . $file) && file_exists($dir . '/' . $file . '/lang.php')) { 650 $langs[] = $file; 651 } 652 } 653 closedir($dh); 654 sort($langs); 655 656 echo '<form action="">'; 657 echo $lang['i_chooselang']; 658 echo ': <select name="l" onchange="submit()">'; 659 foreach ($langs as $l) { 660 $sel = ($l == $LC) ? 'selected="selected"' : ''; 661 echo '<option value="' . $l . '" ' . $sel . '>' . $l . '</option>'; 662 } 663 echo '</select> '; 664 echo '<button type="submit">' . $lang['btn_update'] . '</button>'; 665 echo '</form>'; 666} 667 668/** 669 * Print global error array 670 * 671 * @author Andreas Gohr <andi@splitbrain.org> 672 */ 673function print_errors() 674{ 675 global $error; 676 if (!empty($error)) { 677 echo '<ul>'; 678 foreach ($error as $err) { 679 echo "<li>$err</li>"; 680 } 681 echo '</ul>'; 682 } 683} 684